Substitute ChallengeGenerator by the generic sponge (#139)
* Rename nonnative to emulated, as in `r1cs-std`

* Run `fmt`

* Temporarily change `Cargo.toml`

* Substitute `ChallengeGenerator` with the generic sponge

* Run `fmt`

* Remove the extra file

* Update modules

* Delete the unnecessary loop

* Revert `Cargo.toml`

* Refactor `FoldedPolynomialStream` partially

* Update README

* Make the diff more readable

* Bring the whitespace back

* Make diff more readable, 2
autquis authored Jan 14, 2024
1 parent ae5d8f4 commit 3291693
Showing 9 changed files with 100 additions and 192 deletions.
12 changes: 5 additions & 7 deletions README.md
Expand Up @@ -57,7 +57,7 @@ This trait defines the interface for a polynomial commitment scheme. It is recom
// In this example, we will commit to a single polynomial, open it first at one point, and then batched at two points, and finally verify the proofs.
// We will use the KZG10 polynomial commitment scheme, following the approach from Marlin.

use ark_poly_commit::{Polynomial, marlin_pc::MarlinKZG10, LabeledPolynomial, PolynomialCommitment, QuerySet, Evaluations, challenge::ChallengeGenerator};
use ark_poly_commit::{Polynomial, marlin_pc::MarlinKZG10, LabeledPolynomial, PolynomialCommitment, QuerySet, Evaluations};
use ark_bls12_377::Bls12_377;
use ark_crypto_primitives::sponge::poseidon::{PoseidonSponge, PoseidonConfig};
use ark_crypto_primitives::sponge::CryptographicSponge;
Expand Down Expand Up @@ -130,15 +130,13 @@ let (ck, vk) = PCS::trim(&pp, degree, 2, Some(&[degree])).unwrap();
// The prover commits to the polynomial using their committer key `ck`.
let (comms, rands) = PCS::commit(&ck, [&labeled_poly], Some(rng)).unwrap();

let challenge_generator: ChallengeGenerator<<Bls12_377 as Pairing>::ScalarField, Sponge_Bls12_377> = ChallengeGenerator::new_univariate(&mut test_sponge);

// 4a. PolynomialCommitment::open
// Opening proof at a single point.
let proof_single = PCS::open(&ck, [&labeled_poly], &comms, &point_1, &mut (challenge_generator.clone()), &rands, None).unwrap();
let proof_single = PCS::open(&ck, [&labeled_poly], &comms, &point_1, &mut (test_sponge.clone()), &rands, None).unwrap();

// 5a. PolynomialCommitment::check
// Verifying the proof at a single point, given the commitment, the point, the claimed evaluation, and the proof.
assert!(PCS::check(&vk, &comms, &point_1, [secret_poly.evaluate(&point_1)], &proof_single, &mut (challenge_generator.clone()), Some(rng)).unwrap());
assert!(PCS::check(&vk, &comms, &point_1, [secret_poly.evaluate(&point_1)], &proof_single, &mut (test_sponge.clone()), Some(rng)).unwrap());

let mut query_set = QuerySet::new();
let mut values = Evaluations::new();
Expand All @@ -155,7 +153,7 @@ let proof_batched = PCS::batch_open(
[&labeled_poly],
&comms,
&query_set,
&mut (challenge_generator.clone()),
&mut (test_sponge.clone()),
&rands,
Some(rng),
).unwrap();
Expand All @@ -167,7 +165,7 @@ assert!(PCS::batch_check(
&query_set,
&values,
&proof_batched,
&mut (challenge_generator.clone()),
&mut (test_sponge.clone()),
rng,
).unwrap());
```
10 changes: 5 additions & 5 deletions bench-templates/src/lib.rs
Expand Up @@ -11,7 +11,7 @@ use rand_chacha::{rand_core::SeedableRng, ChaCha20Rng};
use core::time::Duration;
use std::time::Instant;

use ark_poly_commit::{challenge::ChallengeGenerator, LabeledPolynomial, PolynomialCommitment};
use ark_poly_commit::{LabeledPolynomial, PolynomialCommitment};

pub use criterion::*;
pub use paste::paste;
Expand Down Expand Up @@ -123,7 +123,7 @@ where
[&labeled_poly],
&coms,
&point,
&mut ChallengeGenerator::new_univariate(&mut test_sponge()),
&mut test_sponge(),
&randomness,
Some(rng),
)
Expand Down Expand Up @@ -156,7 +156,7 @@ where
[&labeled_poly],
&coms,
&point,
&mut ChallengeGenerator::new_univariate(&mut test_sponge()),
&mut test_sponge(),
&randomness,
Some(rng),
)
Expand Down Expand Up @@ -193,7 +193,7 @@ where
[&labeled_poly],
&coms,
&point,
&mut ChallengeGenerator::new_univariate(&mut test_sponge()),
&mut test_sponge(),
&randomness,
Some(rng),
)
Expand All @@ -206,7 +206,7 @@ where
&point,
[claimed_eval],
&proof,
&mut ChallengeGenerator::new_univariate(&mut test_sponge()),
&mut test_sponge(),
None,
)
.unwrap();
61 changes: 0 additions & 61 deletions poly-commit/src/challenge.rs

This file was deleted.

43 changes: 18 additions & 25 deletions poly-commit/src/ipa_pc/mod.rs
Expand Up @@ -15,7 +15,6 @@ pub use data_structures::*;
#[cfg(feature = "parallel")]
use rayon::prelude::*;

use crate::challenge::ChallengeGenerator;
use ark_crypto_primitives::sponge::CryptographicSponge;
use digest::Digest;

Expand Down Expand Up @@ -105,7 +104,7 @@ where
point: G::ScalarField,
values: impl IntoIterator<Item = G::ScalarField>,
proof: &Proof<G>,
opening_challenges: &mut ChallengeGenerator<G::ScalarField, S>,
sponge: &mut S,
) -> Option<SuccinctCheckPolynomial<G::ScalarField>> {
let check_time = start_timer!(|| "Succinct checking");

Expand All @@ -117,7 +116,8 @@ where
let mut combined_commitment_proj = G::Group::zero();
let mut combined_v = G::ScalarField::zero();

let mut cur_challenge = opening_challenges.try_next_challenge_of_size(CHALLENGE_SIZE);
let mut cur_challenge: G::ScalarField =
sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0];

let labeled_commitments = commitments.into_iter();
let values = values.into_iter();
Expand All @@ -126,7 +126,7 @@ where
let commitment = labeled_commitment.commitment();
combined_v += &(cur_challenge * &value);
combined_commitment_proj += &labeled_commitment.commitment().comm.mul(cur_challenge);
cur_challenge = opening_challenges.try_next_challenge_of_size(CHALLENGE_SIZE);
cur_challenge = sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0];

let degree_bound = labeled_commitment.degree_bound();
assert_eq!(degree_bound.is_some(), commitment.shifted_comm.is_some());
Expand All @@ -137,7 +137,7 @@ where
combined_commitment_proj += &commitment.shifted_comm.unwrap().mul(cur_challenge);
}

cur_challenge = opening_challenges.try_next_challenge_of_size(CHALLENGE_SIZE);
cur_challenge = sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0];
}

let mut combined_commitment = combined_commitment_proj.into_affine();
Expand Down Expand Up @@ -488,7 +488,7 @@ where
labeled_polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<G::ScalarField, P>>,
commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
point: &'a P::Point,
opening_challenges: &mut ChallengeGenerator<G::ScalarField, S>,
sponge: &mut S,
rands: impl IntoIterator<Item = &'a Self::Randomness>,
rng: Option<&mut dyn RngCore>,
) -> Result<Self::Proof, Self::Error>
Expand All @@ -509,7 +509,7 @@ where

let combine_time = start_timer!(|| "Combining polynomials, randomness, and commitments.");

let mut cur_challenge = opening_challenges.try_next_challenge_of_size(CHALLENGE_SIZE);
let mut cur_challenge = sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0];

for (labeled_polynomial, (labeled_commitment, randomness)) in
polys_iter.zip(comms_iter.zip(rands_iter))
Expand All @@ -531,7 +531,7 @@ where
combined_rand += &(cur_challenge * &randomness.rand);
}

cur_challenge = opening_challenges.try_next_challenge_of_size(CHALLENGE_SIZE);
cur_challenge = sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0];

let has_degree_bound = degree_bound.is_some();

Expand Down Expand Up @@ -564,7 +564,7 @@ where
}
}

cur_challenge = opening_challenges.try_next_challenge_of_size(CHALLENGE_SIZE);
cur_challenge = sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0];
}

end_timer!(combine_time);
Expand Down Expand Up @@ -739,7 +739,7 @@ where
point: &'a P::Point,
values: impl IntoIterator<Item = G::ScalarField>,
proof: &Self::Proof,
opening_challenges: &mut ChallengeGenerator<G::ScalarField, S>,
sponge: &mut S,
_rng: Option<&mut dyn RngCore>,
) -> Result<bool, Self::Error>
where
Expand All @@ -762,8 +762,7 @@ where
));
}

let check_poly =
Self::succinct_check(vk, commitments, *point, values, proof, opening_challenges);
let check_poly = Self::succinct_check(vk, commitments, *point, values, proof, sponge);

if check_poly.is_none() {
return Ok(false);
Expand All @@ -790,7 +789,7 @@ where
query_set: &QuerySet<P::Point>,
values: &Evaluations<G::ScalarField, P::Point>,
proof: &Self::BatchProof,
opening_challenges: &mut ChallengeGenerator<G::ScalarField, S>,
sponge: &mut S,
rng: &mut R,
) -> Result<bool, Self::Error>
where
Expand Down Expand Up @@ -833,14 +832,8 @@ where
vals.push(*v_i);
}

let check_poly = Self::succinct_check(
vk,
comms.into_iter(),
*point,
vals.into_iter(),
p,
opening_challenges,
);
let check_poly =
Self::succinct_check(vk, comms.into_iter(), *point, vals.into_iter(), p, sponge);

if check_poly.is_none() {
return Ok(false);
Expand Down Expand Up @@ -876,7 +869,7 @@ where
polynomials: impl IntoIterator<Item = &'a LabeledPolynomial<G::ScalarField, P>>,
commitments: impl IntoIterator<Item = &'a LabeledCommitment<Self::Commitment>>,
query_set: &QuerySet<P::Point>,
opening_challenges: &mut ChallengeGenerator<G::ScalarField, S>,
sponge: &mut S,
rands: impl IntoIterator<Item = &'a Self::Randomness>,
rng: Option<&mut dyn RngCore>,
) -> Result<BatchLCProof<G::ScalarField, Self::BatchProof>, Self::Error>
Expand Down Expand Up @@ -971,7 +964,7 @@ where
lc_polynomials.iter(),
lc_commitments.iter(),
&query_set,
opening_challenges,
sponge,
lc_randomness.iter(),
rng,
)?;
Expand All @@ -987,7 +980,7 @@ where
eqn_query_set: &QuerySet<P::Point>,
eqn_evaluations: &Evaluations<P::Point, G::ScalarField>,
proof: &BatchLCProof<G::ScalarField, Self::BatchProof>,
opening_challenges: &mut ChallengeGenerator<G::ScalarField, S>,
sponge: &mut S,
rng: &mut R,
) -> Result<bool, Self::Error>
where
Expand Down Expand Up @@ -1060,7 +1053,7 @@ where
&eqn_query_set,
&evaluations,
proof,
opening_challenges,
sponge,
rng,
)
}
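Review bot: In `succinct_check` and `open` the combination challenges are now squeezed directly from the caller's sponge (`sponge.squeeze_field_elements_with_sizes(&[CHALLENGE_SIZE])[0]`), and no visible hunk absorbs the commitments, the point or the claimed values first, so whether these challenges are bound to the statement depends on the state the caller passes in. Both function bodies continue outside the hunks, so an absorb may exist out of view; if it does not, the requirement belongs on the parameter, for example `/// The sponge must already have absorbed the commitments and public inputs; prover and verifier must pass sponges in the same state, and this call advances it.` `batch_check` hands the same `sponge` to `succinct_check` for each proof it verifies (apparently inside a loop), so the order of squeezes is part of that contract and the prover has to mirror it. As a style point, the six identical squeeze expressions could move into one private helper, so the challenge size and the `[0]` indexing are written once.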